Request for assistance with removal of SurfShield

ken545 · Jul 6, 2014

Let me know how your system is behaving now

geraldgrogan · Jul 6, 2014

still seems to function normally, with no signs of infections.
Earlier, I was unable to make a backup of the reg settings, as it gave me an error message stating that access was denied. Sorry, I forgot to mention that.

ken545 · Jul 6, 2014

I know this is a PITA and you have better things to do, but shoot me one last scan with FRST, I dont need the addition log now

geraldgrogan · Jul 6, 2014

I am truly grateful for the assistance. I am back now. Had to dart out for an hour. performing scans now as requested

geraldgrogan · Jul 6, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by jmgrogan (administrator) on NOODLES-HTPC on 06-07-2014 13:57:26
Running from C:\Users\jmgrogan\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
() C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\RtkDashClientInstaller\RtkDashClient.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\jmgrogan\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehrec.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2012-07-31] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2014-01-22] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-1200520878-3419369555-4043073295-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-1200520878-3419369555-4043073295-1000\...\Run: [Digiarty_Software_AirPlayit] => "C:\Program Files\Digiarty\Air_Playit\airplayit.exe" -min
HKU\S-1-5-21-1200520878-3419369555-4043073295-1000\...\Run: [Viber] => "C:\Users\jmgrogan\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-1200520878-3419369555-4043073295-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-27] (Google Inc.)
HKU\S-1-5-21-1200520878-3419369555-4043073295-1000\...\MountPoints2: {de6d1283-e450-11e1-9f4a-806e6f6e6963} - E:\wubi.exe
Startup: C:\Users\jmgrogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.lnk
Startup: C:\Users\jmgrogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\jmgrogan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\jmgrogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1542003B16C8CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://abbottmeetings.webex.com/client/WBXclient-T27L10NSP32EP15-15155/webex/ieatgpc1.cab

FireFox:
========
FF ProfilePath: C:\Users\jmgrogan\AppData\Roaming\Mozilla\Firefox\Profiles\4s17s4rf.default
FF Homepage: hxxp://google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer - C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @Sibelius.com/Scorch Plugin - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Users\jmgrogan\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\jmgrogan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\jmgrogan\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-28]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll No File
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-03-05]
CHR Extension: (Google Drive) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-28]
CHR Extension: (Cat licking your screen) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bljgfogmfiepjlefknbnfopdoabpldcb [2014-05-28]
CHR Extension: (YouTube) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-12]
CHR Extension: (Nimbus Screenshot) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2014-04-08]
CHR Extension: (Google Search) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-12]
CHR Extension: (Cut the Rope) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2014-05-31]
CHR Extension: (avast! Online Security) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-07]
CHR Extension: (Clearly) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2014-02-21]
CHR Extension: (CanvasDraw) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\knfimpamngmggpbamfoomdpebdoleghe [2014-05-31]
CHR Extension: (Cute Kitten 2) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\knhilgggnegappnkfbeaeeiioopeamlc [2014-05-28]
CHR Extension: (My Global Ponies) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffeflcejpmnpedngepmhbafhmmpmgpg [2014-05-29]
CHR Extension: (Quick Note) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-04-08]
CHR Extension: (Google Wallet) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\jmgrogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-28]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-28] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [File not signed]
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177648 2014-03-28] (Coupons.com Inc.)
R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()
R2 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] () [File not signed]
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7393280 2014-01-22] (LeapFrog Enterprises, Inc.) [File not signed]
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-28] ()
R3 hcw85cir; C:\Windows\System32\drivers\hcw85cir3.sys [33792 2011-09-29] (Hauppauge Computer Works, Inc.)
R3 hcw89; C:\Windows\System32\DRIVERS\hcw89.sys [1605376 2011-07-05] (Hauppauge Computer Works, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-06 13:57 - 2014-07-06 13:57 - 00027105 _____ () C:\Users\jmgrogan\Desktop\FRST.txt
2014-07-06 09:50 - 2014-07-06 09:51 - 00000000 ____D () C:\Users\jmgrogan\Downloads\7-6-2014
2014-07-06 09:46 - 2014-07-06 09:46 - 00000095 _____ () C:\Users\jmgrogan\Desktop\Regfix.reg
2014-07-06 09:43 - 2014-07-05 16:56 - 02084352 _____ (Farbar) C:\Users\jmgrogan\Desktop\FRST64.exe
2014-07-06 00:26 - 2014-07-06 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2
2014-07-06 00:02 - 2014-07-06 00:07 - 219574272 _____ () C:\Users\jmgrogan\Downloads\LibreOffice_4.2.5_Win_x86.msi
2014-07-05 21:34 - 2014-07-05 21:34 - 00291056 _____ () C:\Windows\Minidump\070514-91822-01.dmp
2014-07-05 20:49 - 2014-07-05 20:49 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-05 20:49 - 2014-07-05 20:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-05 20:49 - 2014-07-05 20:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-05 20:49 - 2014-07-05 20:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-05 20:49 - 2014-07-05 20:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-05 20:48 - 2014-07-05 20:48 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-05 20:48 - 2014-07-05 20:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-05 20:48 - 2014-07-05 20:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-05 20:48 - 2014-07-05 20:48 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-05 20:48 - 2014-07-05 20:48 - 00000000 ____D () C:\Program Files\Java
2014-07-05 19:07 - 2014-07-05 19:07 - 00000925 _____ () C:\Users\jmgrogan\Desktop\SNAGIT32.lnk
2014-07-05 19:07 - 2014-07-05 19:07 - 00000000 ____D () C:\Snagit32
2014-07-05 19:04 - 2014-07-05 20:50 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\Adobe
2014-07-05 16:58 - 2014-07-05 16:59 - 00052439 _____ () C:\Users\jmgrogan\Downloads\Addition.txt
2014-07-05 16:57 - 2014-07-06 13:57 - 00000000 ____D () C:\FRST
2014-07-05 16:57 - 2014-07-05 16:59 - 00059305 _____ () C:\Users\jmgrogan\Downloads\FRST.txt
2014-07-05 16:56 - 2014-07-05 16:56 - 02084352 _____ (Farbar) C:\Users\jmgrogan\Downloads\FRST64.exe
2014-06-30 19:53 - 2014-06-30 21:05 - 00000000 ____D () C:\Users\jmgrogan\Downloads\spybot_files
2014-06-30 19:43 - 2014-06-30 19:43 - 00000000 ____D () C:\Windows\ERDNT
2014-06-30 19:42 - 2014-06-30 19:42 - 00791393 _____ (Lars Hederer ) C:\Users\jmgrogan\Downloads\erunt-setup.exe
2014-06-30 19:42 - 2014-06-30 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-30 19:42 - 2014-06-30 19:42 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-28 22:31 - 2014-06-28 22:33 - 27167987 _____ () C:\Users\jmgrogan\Downloads\torbrowser-install-3.6.2_en-US.exe
2014-06-28 20:47 - 2014-06-28 20:47 - 00291544 _____ () C:\Windows\Minidump\062814-64303-01.dmp
2014-06-28 20:46 - 2014-07-05 21:33 - 1325973081 ____N () C:\Windows\MEMORY.DMP
2014-06-28 20:45 - 2014-06-28 20:45 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-06-27 07:39 - 2014-06-27 07:39 - 00291544 _____ () C:\Windows\Minidump\062714-65411-01.dmp
2014-06-26 20:00 - 2014-06-26 20:00 - 00291528 _____ () C:\Windows\Minidump\062614-56721-01.dmp
2014-06-26 19:26 - 2014-06-26 19:26 - 00000000 ____D () C:\Users\jmgrogan\Downloads\6209_25th_Ave
2014-06-26 19:16 - 2014-06-26 19:16 - 00291544 _____ () C:\Windows\Minidump\062614-61027-01.dmp
2014-06-25 19:03 - 2014-07-05 15:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-25 19:03 - 2014-06-25 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-25 19:03 - 2014-06-25 19:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-25 19:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-25 19:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-25 07:16 - 2014-06-25 07:16 - 00291544 _____ () C:\Windows\Minidump\062514-63508-01.dmp
2014-06-22 23:27 - 2014-06-22 23:27 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-22 23:27 - 2014-06-22 23:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-22 23:27 - 2014-06-22 23:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-22 23:27 - 2014-06-22 23:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 23:25 - 2014-06-22 23:26 - 00284224 _____ (Mozilla) C:\Users\jmgrogan\Downloads\Firefox Setup Stub 30.0.exe
2014-06-22 23:13 - 2014-06-22 23:13 - 00283168 _____ () C:\Windows\Minidump\062214-58500-01.dmp
2014-06-22 18:09 - 2014-06-22 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-22 18:08 - 2014-06-22 18:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-22 18:08 - 2014-06-22 18:09 - 00000000 ____D () C:\Program Files\iTunes
2014-06-22 18:08 - 2014-06-22 18:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-22 18:08 - 2014-06-22 18:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-22 18:02 - 2014-06-22 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-20 21:51 - 2014-06-20 21:51 - 00002051 _____ () C:\Windows\wininit.ini
2014-06-20 20:03 - 2014-06-20 20:03 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-20 10:04 - 2014-06-20 10:04 - 00002450 _____ () C:\Users\jmgrogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-20 10:02 - 2014-06-20 10:02 - 00002318 _____ () C:\Users\jmgrogan\Desktop\Continue installation - Octodad_DadliestCatchFullVersionGameFreeDownload Installation.lnk
2014-06-20 10:02 - 2014-06-20 10:02 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\4377
2014-06-19 22:50 - 2014-06-19 22:50 - 00291544 _____ () C:\Windows\Minidump\061914-64631-01.dmp
2014-06-19 16:48 - 2014-06-19 16:48 - 00291544 _____ () C:\Windows\Minidump\061914-37221-01.dmp
2014-06-15 11:39 - 2014-06-15 11:39 - 00291544 _____ () C:\Windows\Minidump\061514-32697-01.dmp
2014-06-14 06:00 - 2014-06-14 06:00 - 00291424 _____ () C:\Windows\Minidump\061414-32370-01.dmp
2014-06-12 19:56 - 2014-06-12 19:56 - 00291544 _____ () C:\Windows\Minidump\061214-35365-01.dmp
2014-06-11 13:26 - 2014-06-11 13:26 - 00291544 _____ () C:\Windows\Minidump\061114-39374-01.dmp
2014-06-11 04:16 - 2014-06-08 04:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 04:16 - 2014-06-08 04:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 04:16 - 2014-05-23 21:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 04:16 - 2014-05-23 21:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 04:16 - 2014-05-23 21:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 04:16 - 2014-05-23 21:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 04:16 - 2014-05-23 21:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 04:16 - 2014-05-23 21:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 04:16 - 2014-05-23 21:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 04:16 - 2014-05-23 20:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 04:16 - 2014-05-23 20:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 04:16 - 2014-05-23 20:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 04:16 - 2014-05-23 20:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 04:16 - 2014-05-23 20:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 04:16 - 2014-05-23 20:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 04:16 - 2014-05-23 20:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 04:16 - 2014-05-23 20:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 04:16 - 2014-05-23 20:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 04:16 - 2014-05-23 20:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 04:16 - 2014-05-23 19:13 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-11 04:16 - 2014-05-23 19:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-11 04:16 - 2014-05-08 04:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 04:16 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 04:16 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 04:16 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 04:16 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 04:16 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 04:16 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 04:16 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 04:16 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 04:16 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 04:16 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 04:16 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 04:16 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 04:16 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-10 06:25 - 2014-06-10 06:25 - 00291544 _____ () C:\Windows\Minidump\061014-31839-01.dmp
2014-06-07 08:04 - 2014-06-07 08:04 - 00000000 ____D () C:\Users\jmgrogan\Tracing
2014-06-07 07:55 - 2014-06-07 07:55 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-07 07:55 - 2014-06-07 07:55 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-07 07:55 - 2014-06-07 07:55 - 00000000 ____D () C:\Windows\en
2014-06-07 07:54 - 2014-06-07 07:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-07 07:54 - 2014-06-07 07:54 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-06-07 07:54 - 2014-06-07 07:54 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-07 07:54 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-06-07 07:53 - 2014-06-07 07:54 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-07 07:53 - 2014-06-07 07:54 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-07 07:50 - 2014-06-07 07:50 - 00002191 _____ () C:\Users\jmgrogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-07 07:50 - 2014-06-07 07:50 - 00002104 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-07 07:50 - 2014-06-07 07:50 - 00002104 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-07 07:50 - 2014-06-07 07:50 - 00000000 ___RD () C:\Users\jmgrogan\OneDrive
2014-06-07 07:50 - 2014-06-07 07:50 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-06-07 07:50 - 2014-06-07 07:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-06-07 07:49 - 2014-06-07 08:04 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\Windows Live
2014-06-07 07:49 - 2014-06-07 07:49 - 01239752 _____ (Microsoft Corporation) C:\Users\jmgrogan\Downloads\wlsetup-web.exe

==================== One Month Modified Files and Folders =======

2014-07-06 13:57 - 2014-07-06 13:57 - 00027105 _____ () C:\Users\jmgrogan\Desktop\FRST.txt
2014-07-06 13:57 - 2014-07-05 16:57 - 00000000 ____D () C:\FRST
2014-07-06 13:53 - 2012-08-12 00:46 - 01494747 _____ () C:\Windows\WindowsUpdate.log
2014-07-06 13:52 - 2012-08-12 02:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 13:45 - 2012-11-27 02:28 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5BAB1382-E444-45B1-92A2-DBDA6DCE3B31}
2014-07-06 13:38 - 2012-08-12 02:14 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 11:59 - 2013-07-26 19:12 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\join.me
2014-07-06 11:58 - 2009-07-13 23:45 - 00026240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-06 11:58 - 2009-07-13 23:45 - 00026240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-06 11:50 - 2014-04-03 20:41 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\DropboxMaster
2014-07-06 11:50 - 2013-09-16 20:52 - 00000308 _____ () C:\Windows\Tasks\RtlDashSrvStart.job
2014-07-06 11:50 - 2012-12-25 14:38 - 00000000 ___RD () C:\Users\jmgrogan\Dropbox
2014-07-06 11:50 - 2012-12-25 13:53 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\Dropbox
2014-07-06 11:50 - 2012-08-12 02:14 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 11:50 - 2009-07-13 23:51 - 00133645 _____ () C:\Windows\setupact.log
2014-07-06 11:49 - 2012-08-18 02:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-06 11:49 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 09:51 - 2014-07-06 09:50 - 00000000 ____D () C:\Users\jmgrogan\Downloads\7-6-2014
2014-07-06 09:46 - 2014-07-06 09:46 - 00000095 _____ () C:\Users\jmgrogan\Desktop\Regfix.reg
2014-07-06 00:32 - 2012-08-17 23:16 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\XBMC
2014-07-06 00:26 - 2014-07-06 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2
2014-07-06 00:26 - 2014-05-15 23:56 - 00001500 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-07-06 00:26 - 2014-05-15 23:55 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-07-06 00:07 - 2014-07-06 00:02 - 219574272 _____ () C:\Users\jmgrogan\Downloads\LibreOffice_4.2.5_Win_x86.msi
2014-07-05 21:34 - 2014-07-05 21:34 - 00291056 _____ () C:\Windows\Minidump\070514-91822-01.dmp
2014-07-05 21:34 - 2012-08-13 16:44 - 00000000 ____D () C:\Windows\Minidump
2014-07-05 21:33 - 2014-06-28 20:46 - 1325973081 ____N () C:\Windows\MEMORY.DMP
2014-07-05 20:50 - 2014-07-05 19:04 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\Adobe
2014-07-05 20:50 - 2012-08-12 02:49 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-05 20:50 - 2012-08-12 02:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-05 20:50 - 2012-08-12 02:49 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-05 20:49 - 2014-07-05 20:49 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-05 20:49 - 2014-07-05 20:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-05 20:49 - 2014-07-05 20:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-05 20:49 - 2014-07-05 20:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-05 20:49 - 2014-07-05 20:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-05 20:48 - 2014-07-05 20:48 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-05 20:48 - 2014-07-05 20:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-05 20:48 - 2014-07-05 20:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-05 20:48 - 2014-07-05 20:48 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-05 20:48 - 2014-07-05 20:48 - 00000000 ____D () C:\Program Files\Java
2014-07-05 19:07 - 2014-07-05 19:07 - 00000925 _____ () C:\Users\jmgrogan\Desktop\SNAGIT32.lnk
2014-07-05 19:07 - 2014-07-05 19:07 - 00000000 ____D () C:\Snagit32
2014-07-05 16:59 - 2014-07-05 16:58 - 00052439 _____ () C:\Users\jmgrogan\Downloads\Addition.txt
2014-07-05 16:59 - 2014-07-05 16:57 - 00059305 _____ () C:\Users\jmgrogan\Downloads\FRST.txt
2014-07-05 16:56 - 2014-07-06 09:43 - 02084352 _____ (Farbar) C:\Users\jmgrogan\Desktop\FRST64.exe
2014-07-05 16:56 - 2014-07-05 16:56 - 02084352 _____ (Farbar) C:\Users\jmgrogan\Downloads\FRST64.exe
2014-07-05 16:54 - 2013-12-08 09:34 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\CrashDumps
2014-07-05 15:15 - 2014-06-25 19:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 14:57 - 2010-11-20 22:47 - 01025570 _____ () C:\Windows\PFRO.log
2014-07-04 00:15 - 2012-08-17 21:44 - 00000600 _____ () C:\Users\jmgrogan\AppData\Local\PUTTY.RND
2014-06-30 21:05 - 2014-06-30 19:53 - 00000000 ____D () C:\Users\jmgrogan\Downloads\spybot_files
2014-06-30 19:43 - 2014-06-30 19:43 - 00000000 ____D () C:\Windows\ERDNT
2014-06-30 19:42 - 2014-06-30 19:42 - 00791393 _____ (Lars Hederer ) C:\Users\jmgrogan\Downloads\erunt-setup.exe
2014-06-30 19:42 - 2014-06-30 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-30 19:42 - 2014-06-30 19:42 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-30 19:17 - 2014-02-01 19:01 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\TeamViewer
2014-06-29 00:21 - 2012-09-21 20:50 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\Notepad++
2014-06-29 00:06 - 2012-09-21 20:50 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-06-28 22:35 - 2013-08-02 23:19 - 00000000 ____D () C:\Users\jmgrogan\Downloads\Tor Browser
2014-06-28 22:33 - 2014-06-28 22:31 - 27167987 _____ () C:\Users\jmgrogan\Downloads\torbrowser-install-3.6.2_en-US.exe
2014-06-28 20:47 - 2014-06-28 20:47 - 00291544 _____ () C:\Windows\Minidump\062814-64303-01.dmp
2014-06-28 20:45 - 2014-06-28 20:45 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-06-28 20:45 - 2014-06-05 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-06-28 20:45 - 2013-01-02 03:19 - 00000000 ____D () C:\Program Files\DivX
2014-06-28 20:45 - 2013-01-02 03:19 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-06-28 20:45 - 2013-01-02 03:18 - 00000000 ____D () C:\ProgramData\DivX
2014-06-27 07:39 - 2014-06-27 07:39 - 00291544 _____ () C:\Windows\Minidump\062714-65411-01.dmp
2014-06-26 20:03 - 2014-05-28 19:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-26 20:00 - 2014-06-26 20:00 - 00291528 _____ () C:\Windows\Minidump\062614-56721-01.dmp
2014-06-26 19:26 - 2014-06-26 19:26 - 00000000 ____D () C:\Users\jmgrogan\Downloads\6209_25th_Ave
2014-06-26 19:16 - 2014-06-26 19:16 - 00291544 _____ () C:\Windows\Minidump\062614-61027-01.dmp
2014-06-25 19:03 - 2014-06-25 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-25 19:03 - 2014-06-25 19:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-25 19:03 - 2013-10-05 11:52 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-25 19:03 - 2013-10-05 11:52 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\Malwarebytes
2014-06-25 19:03 - 2013-10-05 11:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-25 19:03 - 2013-10-05 11:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-25 07:16 - 2014-06-25 07:16 - 00291544 _____ () C:\Windows\Minidump\062514-63508-01.dmp
2014-06-22 23:28 - 2012-08-12 02:44 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\Mozilla
2014-06-22 23:27 - 2014-06-22 23:27 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-22 23:27 - 2014-06-22 23:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-22 23:27 - 2014-06-22 23:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-22 23:27 - 2014-06-22 23:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 23:26 - 2014-06-22 23:25 - 00284224 _____ (Mozilla) C:\Users\jmgrogan\Downloads\Firefox Setup Stub 30.0.exe
2014-06-22 23:13 - 2014-06-22 23:13 - 00283168 _____ () C:\Windows\Minidump\062214-58500-01.dmp
2014-06-22 18:09 - 2014-06-22 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-22 18:09 - 2014-06-22 18:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-22 18:09 - 2014-06-22 18:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-22 18:09 - 2014-06-22 18:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-22 18:09 - 2012-11-21 15:27 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-22 18:08 - 2014-06-22 18:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-22 18:04 - 2012-11-21 15:25 - 00000000 ____D () C:\ProgramData\Apple
2014-06-22 18:02 - 2014-06-22 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-22 18:02 - 2013-11-28 13:55 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-06-22 18:02 - 2013-11-28 13:55 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-06-22 17:59 - 2012-11-21 15:27 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\Apple Computer
2014-06-22 15:03 - 2014-05-11 19:14 - 00000000 ____D () C:\Users\jmgrogan\AppData\Roaming\.minecraft
2014-06-22 06:39 - 2014-02-09 14:45 - 00006760 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
2014-06-22 06:38 - 2014-02-01 19:01 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-22 06:38 - 2014-02-01 19:01 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-21 09:40 - 2013-03-16 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-20 21:51 - 2014-06-20 21:51 - 00002051 _____ () C:\Windows\wininit.ini
2014-06-20 20:03 - 2014-06-20 20:03 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-20 15:02 - 2009-07-14 00:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-20 10:04 - 2014-06-20 10:04 - 00002450 _____ () C:\Users\jmgrogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-20 10:02 - 2014-06-20 10:02 - 00002318 _____ () C:\Users\jmgrogan\Desktop\Continue installation - Octodad_DadliestCatchFullVersionGameFreeDownload Installation.lnk
2014-06-20 10:02 - 2014-06-20 10:02 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\4377
2014-06-19 22:50 - 2014-06-19 22:50 - 00291544 _____ () C:\Windows\Minidump\061914-64631-01.dmp
2014-06-19 16:48 - 2014-06-19 16:48 - 00291544 _____ () C:\Windows\Minidump\061914-37221-01.dmp
2014-06-17 19:33 - 2012-08-12 02:14 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-17 19:33 - 2012-08-12 02:14 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-15 11:39 - 2014-06-15 11:39 - 00291544 _____ () C:\Windows\Minidump\061514-32697-01.dmp
2014-06-14 06:00 - 2014-06-14 06:00 - 00291424 _____ () C:\Windows\Minidump\061414-32370-01.dmp
2014-06-13 18:07 - 2014-05-06 00:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 19:56 - 2014-06-12 19:56 - 00291544 _____ () C:\Windows\Minidump\061214-35365-01.dmp
2014-06-12 17:14 - 2013-07-28 11:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 17:11 - 2013-11-14 05:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 17:11 - 2012-08-12 01:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 13:26 - 2014-06-11 13:26 - 00291544 _____ () C:\Windows\Minidump\061114-39374-01.dmp
2014-06-10 06:25 - 2014-06-10 06:25 - 00291544 _____ () C:\Windows\Minidump\061014-31839-01.dmp
2014-06-08 04:13 - 2014-06-11 04:16 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 04:08 - 2014-06-11 04:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 08:04 - 2014-06-07 08:04 - 00000000 ____D () C:\Users\jmgrogan\Tracing
2014-06-07 08:04 - 2014-06-07 07:49 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\Windows Live
2014-06-07 08:04 - 2012-08-12 00:46 - 00000000 ____D () C:\Users\jmgrogan
2014-06-07 07:55 - 2014-06-07 07:55 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-07 07:55 - 2014-06-07 07:55 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-07 07:55 - 2014-06-07 07:55 - 00000000 ____D () C:\Windows\en
2014-06-07 07:55 - 2014-06-07 07:54 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-07 07:54 - 2014-06-07 07:54 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-06-07 07:54 - 2014-06-07 07:54 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-07 07:54 - 2014-06-07 07:53 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-07 07:54 - 2014-06-07 07:53 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-07 07:54 - 2013-11-14 05:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-06-07 07:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-07 07:51 - 2013-08-20 01:22 - 00012455 _____ () C:\Windows\DirectX.log
2014-06-07 07:50 - 2014-06-07 07:50 - 00002191 _____ () C:\Users\jmgrogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-07 07:50 - 2014-06-07 07:50 - 00002104 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-07 07:50 - 2014-06-07 07:50 - 00002104 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-07 07:50 - 2014-06-07 07:50 - 00000000 ___RD () C:\Users\jmgrogan\OneDrive
2014-06-07 07:50 - 2014-06-07 07:50 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-06-07 07:50 - 2014-06-07 07:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-06-07 07:49 - 2014-06-07 07:49 - 01239752 _____ (Microsoft Corporation) C:\Users\jmgrogan\Downloads\wlsetup-web.exe
2014-06-07 06:23 - 2013-07-14 13:04 - 00000000 ____D () C:\Users\jmgrogan\AppData\Local\Screencast-O-Matic

Some content of TEMP:
====================
C:\Users\jmgrogan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxpnqhp.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-28 00:49

==================== End Of Log ============================

geraldgrogan · Jul 6, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by jmgrogan at 2014-07-06 13:58:43
Running from C:\Users\jmgrogan\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

2.1.0 (HKLM-x32\...\{4F80F043-B003-4820-B8E3-CB7E6CF5BB03}_is1) (Version: 2.1.0 - Christian Koban)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKCU\...\23ab716f18849b6f) (Version: 2.1.2013.1340 - Amazon)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.0.1 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.0.1 - Amazon Services LLC) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager for Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation)
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
Camtasia Studio 8 (HKLM-x32\...\{58C8CFA6-BE34-4DFE-91F5-D807F402DFC1}) (Version: 8.2.0.1416 - TechSmith Corporation)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.8) (Version: 5.0.0.8 - Coupons.com Incorporated)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Easy Video Capture for Win 1.8 (HKLM-x32\...\{F1D682C6-3506-41DD-B26E-BB2AC26C7625}_is1) (Version: - video-recorder.net)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
Evernote v. 5.4 (HKLM-x32\...\{59071464-DAEE-11E3-9080-00163E98E7D0}) (Version: 5.4.0.3698 - Evernote Corp.)
EVGA Precision 1.8.1 (HKLM-x32\...\Precision) (Version: 1.8.1 - EVGA Corporation)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
FlipShare (HKLM-x32\...\{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}) (Version: 5.12.3.0 - Flip Video)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HL-3170CDW (HKLM-x32\...\{C6580DE1-F539-4700-ADD2-3185121E51A8}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
join.me (HKCU\...\JoinMe) (Version: 1.14.0.141 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.3.0.18537 - LeapFrog)
LeapFrog Connect (x32 Version: 5.3.0.18537 - LeapFrog) Hidden
LeapFrog Leapster2 Plugin (x32 Version: 5.2.1.18456 - LeapFrog) Hidden
LibreOffice 4.2.5.2 (HKLM-x32\...\{8D8F47B2-0E03-4C50-9803-A01120878F96}) (Version: 4.2.5.2 - The Document Foundation)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvel Heroes Game (HKLM-x32\...\{ca6069b5-fc6b-4ce8-a03e-2304143706b7}_is1) (Version: 1.0 - Gazillion Entertainment)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Sounds (HKLM-x32\...\{10CE1EA2-12E9-11D3-825E-00C04F6843FE}) (Version: 1.0.0.0 - Microsoft Corp)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{BA4DA261-CB60-4690-B202-44998DFC6986}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Streets & Trips 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-4444BC2C2B6D}) (Version: 19.0.18.1100 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010) (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
Movavi Video Editor (HKLM-x32\...\Movavi Video Editor 9) (Version: 9.0.3 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Musicnotes Software Suite 1.7.2 (HKLM-x32\...\Musicnotes Combined Installer_is1) (Version: 1.7.2 - Musicnotes Inc.)
Muvic Smartbar (HKLM-x32\...\{1EB8010A-F431-4F8F-874A-506B2B51F3D2}) (Version: 11.51.58.16919 - PinWid Ltd.) <==== ATTENTION
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.07 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.07 - NVIDIA Corporation)
NVIDIA Control Panel 314.07 (Version: 314.07 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.07 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.46.610.2011 - Realtek)
RivaTuner Statistics Server 5.2.0 (HKLM-x32\...\RTSS) (Version: 5.2.0 - Unwinder)
RtkDashClientInstaller (HKLM-x32\...\{91EA9C6F-1666-4426-9C80-85019A7A0D62}) (Version: 1.0.9 - Realtek)
Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version: - Screencast-O-Matic)
SeaMonkey 2.16.2 (x86 en-US) (HKLM-x32\...\SeaMonkey 2.16.2 (x86 en-US)) (Version: 2.16.2 - Mozilla)
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SurfShield (HKLM-x32\...\SurfShield) (Version: 0.9.37 - Holdsmart Technology Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Toolkit 6 (HKLM-x32\...\{E2E8BDDE-6F1B-4A5D-870D-2748DA79360C}) (Version: - )
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2178 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0473 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0184 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2012 wwiiper (x32 Version: 012.000.1551 - Intuit Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.2118 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0492 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0169 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
TurboTax 2013 wwiiper (x32 Version: 013.000.1406 - Intuit Inc.) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin) (HKLM-x32\...\Leapster2Plugin) (Version: - LeapFrog)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.24 - NCH Software)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - )
w.bloggar 3.03 (HKLM-x32\...\{DA180A92-6927-476E-9819-17B47562EA8D}) (Version: v3.03 - Marcelo Leal Limaverde Cabral)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version: - )
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl)
XBMC (HKCU\...\XBMC) (Version: - Team XBMC)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)

==================== Restore Points =========================

06-07-2014 18:09:14 Scheduled Checkpoint

==================== Hosts content: ==========================

2009-07-13 21:34 - 2014-07-05 18:55 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0A0BEE38-6C0C-4476-91BE-7202CF14E47B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-05] (Adobe Systems Incorporated)
Task: {3B2E3F85-56B7-46FA-9323-8B1856E4EF35} - System32\Tasks\RtlDashSrvStart => C:\Program Files (x86)\Realtek\RtkDashClientInstaller\RtkDashClient.exe [2011-09-22] (Realtek Semiconductor Corporation)
Task: {992FF1B1-F80E-471E-94DA-69055B6422C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-12] (Google Inc.)
Task: {BE53DBD1-16C4-409D-B390-C197DCA4846C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E5BC1459-9127-4C98-969C-158CB3733753} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-12] (Google Inc.)
Task: {E648DB95-5FF8-432F-A87D-EFE732A3A004} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-28] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RtlDashSrvStart.job => C:\Program Files (x86)\Realtek\RtkDashClientInstaller\RtkDashClient.exe

==================== Loaded Modules (whitelisted) =============

2014-03-19 21:09 - 2013-02-09 20:04 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-19 19:23 - 2012-07-31 11:31 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2014-05-04 19:38 - 2014-06-06 07:27 - 00020472 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2011-05-06 13:07 - 2011-05-06 13:07 - 00460144 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
2011-05-06 12:58 - 2011-05-06 12:58 - 01085440 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
2014-01-10 00:26 - 2014-01-10 00:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-12 04:49 - 2014-05-12 04:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-07-06 05:40 - 2014-07-06 05:40 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070600\algo.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-26 00:06 - 2010-10-26 00:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
2011-05-06 13:07 - 2011-05-06 13:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll
2011-05-06 13:02 - 2011-05-06 13:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll
2010-10-26 00:23 - 2010-10-26 00:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll
2010-10-26 00:08 - 2010-10-26 00:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll
2010-10-26 00:23 - 2010-10-26 00:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll
2010-10-26 00:06 - 2010-10-26 00:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll
2010-10-26 08:34 - 2010-10-26 08:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll
2010-10-26 00:37 - 2010-10-26 00:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll
2010-05-20 13:49 - 2010-05-20 13:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll
2010-10-26 00:06 - 2010-10-26 00:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll
2010-10-26 00:08 - 2010-10-26 00:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll
2010-10-26 00:23 - 2010-10-26 00:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll
2010-05-20 13:49 - 2010-05-20 13:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00175616 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00291840 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00110592 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll
2014-07-06 11:50 - 2014-07-06 11:50 - 00043008 _____ () c:\users\jmgrogan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxpnqhp.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\jmgrogan\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-13 16:22 - 2014-05-13 16:22 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-05-13 16:22 - 2014-05-13 16:22 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-12-24 19:10 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-05-28 19:33 - 2014-05-28 19:33 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 00:28 - 2014-01-10 00:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-07-06 11:50 - 2014-07-06 11:50 - 00098816 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32api.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00110080 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\pywintypes27.dll
2014-07-06 11:50 - 2014-07-06 11:50 - 00364544 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\pythoncom27.dll
2014-07-06 11:50 - 2014-07-06 11:50 - 00045568 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\_socket.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 01160704 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\_ssl.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00320512 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32com.shell.shell.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00713216 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\_hashlib.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 01175040 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\wx._core_.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00805888 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\wx._gdi_.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00811008 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\wx._windows_.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 01062400 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\wx._controls_.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00735232 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\wx._misc_.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00128512 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\_elementtree.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00127488 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\pyexpat.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00557056 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\pysqlite2._sqlite.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00007168 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\hashobjs_ext.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00087552 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\_ctypes.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00119808 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32file.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00108544 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32security.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00018432 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32event.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00038912 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32inet.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00070656 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\wx._html2.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00167936 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32gui.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00011264 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32crypt.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00027136 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\_multiprocessing.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00122368 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\wx._wizard.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00010240 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\select.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00024064 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32pipe.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00686080 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\unicodedata.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00025600 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32pdh.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00525640 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\windows._lib_cacheinvalidation.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00035840 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32process.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00017408 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32profile.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00022528 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\win32ts.pyd
2014-07-06 11:50 - 2014-07-06 11:50 - 00078336 _____ () C:\Users\jmgrogan\AppData\Local\Temp\_MEI40682\wx._animate.pyd
2014-06-22 23:27 - 2014-06-05 23:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-06-28 20:53 - 2014-06-28 23:55 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP

1B5B4F1

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\jmgrogan\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\jmgrogan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2014 00:00:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000005
Fault offset: 0x0000000000017ef1
Faulting process id: 0x8e0
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3

Error: (07/06/2014 11:50:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2014 06:04:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mcupdate.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7af4a
Faulting module name: mscorwks.dll, version: 2.0.50727.5477, time stamp: 0x5265c8ee
Exception code: 0xc0000005
Fault offset: 0x0000000000546544
Faulting process id: 0x%9
Faulting application start time: 0xmcupdate.EXE0
Faulting application path: mcupdate.EXE1
Faulting module path: mcupdate.EXE2
Report Id: mcupdate.EXE3

Error: (07/06/2014 06:04:52 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEE9EB54F6) (80131506)

Error: (07/06/2014 02:38:26 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEE9EB54F6) (80131506)

Error: (07/06/2014 02:30:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ehRec.exe, version: 6.1.7600.16385, time stamp: 0x4a5bd034
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x1674
Faulting application start time: 0xehRec.exe0
Faulting application path: ehRec.exe1
Faulting module path: ehRec.exe2
Report Id: ehRec.exe3

Error: (07/06/2014 02:30:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mcupdate.exe, version: 6.1.7601.17514, time stamp: 0x4ce7af4a
Faulting module name: mscorwks.dll, version: 2.0.50727.5477, time stamp: 0x5265c8ee
Exception code: 0xc0000005
Fault offset: 0x000000000054688e
Faulting process id: 0x%9
Faulting application start time: 0xmcupdate.exe0
Faulting application path: mcupdate.exe1
Faulting module path: mcupdate.exe2
Report Id: mcupdate.exe3

Error: (07/06/2014 02:30:41 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEEA8554F6) (80131506)

Error: (07/06/2014 02:30:37 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEE9EB54F6) (80131506)

Error: (07/06/2014 00:35:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000005
Fault offset: 0x00000000000544e0
Faulting process id: 0x89c
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3

System errors:
=============
Error: (07/06/2014 00:00:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/06/2014 02:58:45 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/06/2014 00:35:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/05/2014 09:34:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error:
%%1053

Error: (07/05/2014 09:34:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.

Error: (07/05/2014 09:34:54 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000000a (0x0000000000000048, 0x0000000000000002, 0x0000000000000001, 0xfffff80002cc4929)C:\Windows\MEMORY.DMP070514-91822-01

Error: (07/05/2014 09:34:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:32:31 PM on ‎7/‎5/‎2014 was unexpected.

Error: (07/05/2014 09:24:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/05/2014 08:50:10 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/05/2014 04:50:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Superfetch service terminated with service-specific error %%0.

Microsoft Office Sessions:
=========================
Error: (07/06/2014 00:00:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc00000050000000000017ef18e001cf993a527ac6d8C:\Windows\system32\svchost.exec:\windows\system32\sysmain.dll0f56dbcf-052f-11e4-8f2a-6c626d80af17

Error: (07/06/2014 11:50:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2014 06:04:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcupdate.EXE6.1.7601.175144ce7af4amscorwks.dll2.0.50727.54775265c8eec00000050000000000546544

Error: (07/06/2014 06:04:52 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEE9EB54F6) (80131506)

Error: (07/06/2014 02:38:26 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEE9EB54F6) (80131506)

Error: (07/06/2014 02:30:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ehRec.exe6.1.7600.163854a5bd034ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102167401cf98ec3550f713C:\Windows\ehome\ehRec.exeC:\Windows\SYSTEM32\ntdll.dll78d8bf2c-04df-11e4-b2b1-6c626d80af17

Error: (07/06/2014 02:30:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcupdate.exe6.1.7601.175144ce7af4amscorwks.dll2.0.50727.54775265c8eec0000005000000000054688e

Error: (07/06/2014 02:30:41 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEEA8554F6) (80131506)

Error: (07/06/2014 02:30:37 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEE9EB54F6) (80131506)

Error: (07/06/2014 00:35:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc000000500000000000544e089c01cf98c2c0276e32C:\Windows\system32\svchost.exec:\windows\system32\sysmain.dll5c68ed00-04cf-11e4-b2b1-6c626d80af17

CodeIntegrity Errors:
===================================
Date: 2014-05-26 16:55:43.665
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-05-26 15:55:31.665
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-05-26 15:49:11.871
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-05-26 11:58:17.575
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 4095.18 MB
Available physical RAM: 1969.72 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5873.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100.49 GB) (Free:2.41 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Storage) (Fixed) (Total:730.34 GB) (Free:169.79 GB) NTFS
Drive g: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 000A6787)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=101 GB) - (Type=83)
Partition 4: (Not Active) - (Size=730 GB) - (Type=07 NTFS)

==================== End Of Log ============================

ken545 · Jul 6, 2014

Good, the proxy is gone, I didnt want you surfin the internet going thru a proxy that malware set

Please download DelFix and save the file to your Desktop.

Double-click DelFix.exe to run the program.
Place a checkmark next to the following items:

.Activate UAC
.Remove disinfection tools
.Create registry backup
.Reset System Settings

Click the Run button

This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually

How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
WhattheTech
Grinler BleepingComputer
GeeksTo Go
Dslreports

Safe Surfn
Ken

geraldgrogan · Jul 6, 2014

Looks like it completed without errors:
# DelFix v10.7 - Logfile created 06/07/2014 at 14:45:28
# Updated 27/04/2014 by Xplode
# Username : jmgrogan - NOODLES-HTPC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\Users\jmgrogan\Desktop\Addition.txt
Deleted : C:\Users\jmgrogan\Desktop\FRST.txt
Deleted : C:\Users\jmgrogan\Desktop\FRST64.exe
Deleted : C:\Users\jmgrogan\Downloads\Addition.txt
Deleted : C:\Users\jmgrogan\Downloads\FRST.txt
Deleted : C:\Users\jmgrogan\Downloads\FRST64.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Creating registry backup ... OK

~ Resetting system settings ... OK

########## - EOF - ##########

ken545 · Jul 6, 2014

Great, looks like your on your way, my pleasure helping you

How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
WhattheTech
Grinler BleepingComputer
GeeksTo Go
Dslreports

Safe Surfn
Ken

ken545 · Jul 7, 2014

Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Request for assistance with removal of SurfShield

ken545

Emeritus-Security Expert

geraldgrogan

New member

ken545

Emeritus-Security Expert

geraldgrogan

New member

geraldgrogan

New member

geraldgrogan

New member

ken545

Emeritus-Security Expert

geraldgrogan

New member

ken545

Emeritus-Security Expert

ken545

Emeritus-Security Expert